Intrusion detection system for signal based SIP attacks through timed HCPN

Proceedings - Second International Conference on Availability, Reliability and Security, ARES 2007

Volumn , Issue , 2007, Pages 190-197

  Yanlan, Ding ^a   Guiping, Su ^a  

^a UNIVERSITY OF CHINESE ACADEMY OF SCIENCES   (China)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER AIDED DESIGN; COMPUTER CRIME; INTERNET PROTOCOLS; INTERNET TELEPHONY; MATHEMATICAL MODELS;

ANOMALY DETECTION; CANCEL ATTACK; SESSION INITIATION PROTOCOL (SIP);

INTRUSION DETECTION;

EID: 34548151350     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2007.102     Document Type: Conference Paper

References (28)

1. J. Rosenberg et al., "SIP: Session Initiation Protocol," IETF RFC 3261, June 2002.
2. S. Salsano, L. Veltri, and D. Papalilo. SIP Security Issues: The SIP Authentication Procedure and its Processing Load. In IEEE Networks, pages 38-44, November 2002.
3. Geneiatakis D. "SIP Security Mechanisms: A state-of-the-art review", in the Proceedings of the Fifth International Network Conference (INC 2005) pages 147-155, July 2005
4. Martin Petraschek. "Attacks on SIP," March 2006
5. Mark D.Collier "Session Initiation Protocol Vulnerabilities", IPCOMM 2006.
6. M.Thomas, "SIP Security Requirements," IETF Internet draft, work in progress, Nov. 2001.
7. Mark Collier. "Basic Vulnerability Issues for SIP Security", Research Report, 2005
8. Scott D. and Sharp R., "Abstracting Application-Level Web Security," Proc. 11th Int'l World Wide Web Conf., ACM Press, New York, May 2002, pp. 396-407.
9. Alexander G Tartakovsky, "A Novel Approach to Detection of Intrusions in Computer Networks via Adaptive Sequential and Batch-Sequential Change-Point Detection Methods," IEEE transactions on signal processing. Vol.54 No.9, Sep 2006.
10. M.Roesch, "Snort: Lightweight intrusion detection for networks," In Proc. 13th Syst. Admin.Conf. (LISA), 1999, pp. 229-238.
11. J. Mirkovic, G. Prier, and P. Reiher, "Attacking DDoS at the source," in Proc. 10th IEEE Int. Conf. Network Protocols (ICNP), Paris, France, Nov. 10-12, 2002, pp. 312-321.
12. Zhuowei Li. "Theoretical Basis for Intrusion Detection", In Proceeding of the 2005 IEEE Workshop on Information Assurance and Security, 2005.
13. Wei Fan "Using Artificial anomalies to detect Unknown and known network intrusions," Proceedings IEEE International Conference on 29 Nov.-2 Dec. 2001 Page(s):123-130
14. Frans David. "An Anomaly&Signature-based Intrusion Detection System Model", Computing Technology and Automation, China, Vol.23, No.3, Sept 2004
15. P. Porras and A. Valdes. "Live traffic analysis of TCP/IP gateways," In Proc. ISOC Symp. NDSS, San Diego, Mar. 1998.
16. A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION
17. K. Ilgun, "Ustat: A real-time intrusion detection system for Unix," in Proc. IEEE Symp. Res. Security Privacy, Oakland, CA, May 1993, pp. 16-28.
18. Sengar, H. "VoIP Intrusion Detection Through Interacting Protocol State Machines" Dependable Systems and Networks, 2006. DSN 2006. International Conference on 25-28 June 2006
19. R. Sekar, A. Gupta. Specification-based anomaly detection: A new approach for detecting network intrusions. In ACM Computer and Communication Security Conference (CCS), Washington DC, November 2002.
20. th National Computer Security Conference, pages 11-21, October 1994
21. Deborah Frincke. "Planning, Petri Nets, and Intrusion Detection," 21st Proc. National Information Systems Security Conference.
22. S. Kumar and E. Spafford. "A pattern matching model for misuse intrusion detection," In Proc. 17th Nat. Comput Security Conf., Oct. 1994, pp. 11-21.
23. Meimei Gao. "Fuzzy intrusion detection based on fuzzy reasoning Petri nets," Systems, Man and Cybernetics, 2003. IEEE International Conference on Volume 2, 5-8 Oct 2003.
24. Yanxin Wang*. "Towards the automatic generation of mobile agents for distributed intrusion detection system," The Journal of Systems and Software 79 (2006) 1-14
25. Kurt Jensen. Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use Volume 2. Springer-Verlag, 1995.
26. E. Németh, "Hierarchical CPN model-based diagnosis using HAZOP knowledge," Research Report SCL-009/2003
27. Kozura, VE. "Verification of distributed systems modelled by high-level Petri nets," Parallel Computing in Electrical Engineering, 2002. PARELEC '02 Proceedings. International Conference on 22-25 Sept. 2002 Page(s):61-66
28. Y.Wu, S. Bagchi, S. Garg, N. Singh, and T. Tsai. SCIDIVE: A Stateful and Cross Protocol Intrusion Detection Architecture for Voice-over-IP Environments. In IEEE Dependable Systems and Networks Conference (DSN 2004), June 2004.